Merge remote-tracking branch 'origin/master' into testnet-latest

pallets/core/src/common/policy.rs

@@ -210,7 +210,7 @@ pub trait HasPolicy<T: Limits>: Sized {
     ///
     /// Returns a mutable reference to the underlying data wrapped into an option if the command is authorized,
     /// otherwise returns Err.
-    fn execute_readonly<A, F, R, E>(
+    fn execute_view<A, F, R, E>(
         self,
         f: F,
         action: A,

pallets/core/src/common/signed_action.rs

@@ -15,7 +15,7 @@ where
     /// Verifies signer's signature and nonce, then executes given action providing a reference to the
     /// value associated with the target.
     /// In case of a successful result, increases the signer's nonce.
-    pub fn execute_readonly<F, S, R, E>(self, f: F) -> Result<R, E>
+    pub fn execute_view<F, S, R, E>(self, f: F) -> Result<R, E>
     where
         F: FnOnce(A, <A::Target as StorageRef<T>>::Value, Sig::Signer) -> Result<R, E>,
         E: From<ActionExecutionError> + From<NonceError> + From<Error<T>>,
@@ -32,7 +32,7 @@ where
 
         ActionWrapper::<T, _, _>::new(action.nonce(), (*signer).clone(), action)
             .execute_and_increase_nonce(|ActionWrapper { action, .. }, _| {
-                action.execute_readonly(|action, target_data| f(action, target_data, signer))
+                action.execute_view(|action, target_data| f(action, target_data, signer))
             })
             .map_err(Into::into)
     }

pallets/core/src/modules/accumulator/mod.rs

@@ -179,9 +179,7 @@ pub mod pallet {
         ) -> DispatchResult {
             ensure_signed(origin)?;
 
-            remove
-                .signed(signature)
-                .execute_readonly(Self::remove_params_)
+            remove.signed(signature).execute_view(Self::remove_params_)
         }
 
         #[pallet::weight(SubstrateWeight::<T>::remove_public(remove, signature))]
@@ -194,7 +192,7 @@ pub mod pallet {
 
             remove
                 .signed(signature)
-                .execute_readonly(Self::remove_public_key_)
+                .execute_view(Self::remove_public_key_)
         }
 
         /// Add a new accumulator with the initial accumulated value. Each accumulator has a unique id and it

pallets/core/src/modules/offchain_signatures/mod.rs

@@ -159,9 +159,7 @@ pub mod pallet {
         ) -> DispatchResult {
             ensure_signed(origin)?;
 
-            remove
-                .signed(signature)
-                .execute_readonly(Self::remove_params_)
+            remove.signed(signature).execute_view(Self::remove_params_)
         }
 
         /// Remove existing offchain signature public key. Only the DID controller can remove key and it should use the nonce from the DID module.

pallets/core/src/modules/revoke/mod.rs

@@ -226,8 +226,8 @@ pub mod pallet {
         ) -> DispatchResult {
             ensure_signed(origin)?;
 
-            revoke.execute_readonly(|action, registry: RevocationRegistry<T>| {
-                registry.execute_readonly(Self::revoke_, action, proof)
+            revoke.execute_view(|action, registry: RevocationRegistry<T>| {
+                registry.execute_view(Self::revoke_, action, proof)
             })
         }
 
@@ -248,8 +248,8 @@ pub mod pallet {
         ) -> DispatchResult {
             ensure_signed(origin)?;
 
-            unrevoke.execute_readonly(|action, registry: RevocationRegistry<T>| {
-                registry.execute_readonly(Self::unrevoke_, action, proof)
+            unrevoke.execute_view(|action, registry: RevocationRegistry<T>| {
+                registry.execute_view(Self::unrevoke_, action, proof)
             })
         }
 

pallets/core/src/modules/revoke/tests.rs

@@ -757,12 +757,11 @@ mod test {
             let command = &rev;
             let proof = get_pauth(command, signers);
 
-            let res =
-                command
-                    .clone()
-                    .execute_readonly(|action, registry: RevocationRegistry<Test>| {
-                        registry.execute_readonly(|_, _| Ok::<_, DispatchError>(()), action, proof)
-                    });
+            let res = command
+                .clone()
+                .execute_view(|action, registry: RevocationRegistry<Test>| {
+                    registry.execute_view(|_, _| Ok::<_, DispatchError>(()), action, proof)
+                });
             assert_eq!(res.is_ok(), *expect_success);
 
             if *expect_success {

pallets/core/src/modules/trust_registry/actions.rs

@@ -1,7 +1,7 @@
 use super::*;
 use crate::{
     impl_action_with_nonce,
-    util::{Bytes, KeyedUpdate, Types},
+    util::{Bytes, Types},
 };
 use alloc::{collections::BTreeSet, string::String};
 use frame_support::{CloneNoBound, DebugNoBound, EqNoBound, PartialEqNoBound};
@@ -93,7 +93,7 @@ pub struct UpdateDelegatedIssuers<T: Types> {
 impl_action_with_nonce!(
     for ():
         InitOrUpdateTrustRegistry with 1 as len, () as target,
-        UpdateDelegatedIssuers with delegated.size() as len, () as target
+        UpdateDelegatedIssuers with 1 as len, () as target
 );
 
 impl_action_with_nonce!(

pallets/core/src/modules/trust_registry/benchmarks.rs

@@ -124,7 +124,7 @@ crate::bench_with_all_pairs! {
             registry_id: TrustRegistryId(id),
             schemas: SetOrModify::Modify(schemas.clone().into_iter().map(|(id, schema)| (id, SetOrAddOrRemoveOrModify::Set(schema))).collect()),
             nonce: 2u32.into()
-        }.execute_readonly(|action, set| Pallet::<T>::set_schemas_metadata_(action, set, ConvenerOrIssuerOrVerifier(did.into()))).unwrap();
+        }.execute_view(|action, set| Pallet::<T>::set_schemas_metadata_(action, set, ConvenerOrIssuerOrVerifier(did.into()))).unwrap();
 
         let update_issuers = schemas.keys().map(
             |schema_id| {
@@ -208,7 +208,7 @@ crate::bench_with_all_pairs! {
         };
         ActionWrapper::<T, _, _>::new(1u32.into(), Convener(did.into()), init_or_update_trust_registry.clone()).execute::<T, _, _, _, _>(|action, set| Pallet::<T>::init_or_update_trust_registry_(action.action, set, Convener(did.into()))).unwrap();
 
-        let delegated = UnboundedDelegatedIssuers((0..i).map(|idx| Issuer(Did([idx as u8; 32]).into())).collect());
+        let delegated = UnboundedDelegatedIssuers((0..i).map(|idx| Issuer(Did([idx as u8 + 90; 32]).into())).collect());
 
         for issuer in delegated.iter() {
             TrustRegistryIssuerSchemas::<T>::insert(init_or_update_trust_registry.registry_id, Issuer(did.into()), IssuerSchemas(Default::default()));
@@ -323,7 +323,7 @@ crate::bench_with_all_pairs! {
             registry_id: TrustRegistryId(id),
             issuers: issuers.clone().into_iter().collect(),
             nonce: 1u32.into()
-        }.execute_readonly::<T, _, _, _, _>(|action, reg_info| Pallet::<T>::suspend_issuers_(action, reg_info, Convener(did.into()))).unwrap();
+        }.execute_view::<T, _, _, _, _>(|action, reg_info| Pallet::<T>::suspend_issuers_(action, reg_info, Convener(did.into()))).unwrap();
 
         let unsuspend_issuers = UnsuspendIssuers {
             registry_id: TrustRegistryId(id),

pallets/core/src/modules/trust_registry/impl.rs

@@ -1,5 +1,11 @@
+use core::iter::repeat;
+use itertools::Itertools;
+
 use super::{types::*, *};
-use crate::util::{ActionExecutionError, ApplyUpdate, NonceError, TranslateUpdate, ValidateUpdate};
+use crate::util::{
+    ActionExecutionError, ApplyUpdate, IncOrDec, MultiTargetUpdate, NonceError, TranslateUpdate,
+    ValidateUpdate,
+};
 use alloc::collections::BTreeSet;
 
 impl<T: Config> Pallet<T> {
@@ -14,15 +20,19 @@ impl<T: Config> Pallet<T> {
         convener: Convener,
     ) -> DispatchResult {
         TrustRegistriesInfo::<T>::try_mutate(registry_id, |info| {
-            if let Some(existing) = info.replace(TrustRegistryInfo {
+            let name = name
+                .try_into()
+                .map_err(|_| Error::<T>::TrustRegistryNameSizeExceeded)?;
+            let gov_framework = gov_framework
+                .try_into()
+                .map_err(|_| Error::<T>::GovFrameworkSizeExceeded)?;
+            let new_info = TrustRegistryInfo {
                 convener,
-                name: name
-                    .try_into()
-                    .map_err(|_| Error::<T>::TrustRegistryNameSizeExceeded)?,
-                gov_framework: gov_framework
-                    .try_into()
-                    .map_err(|_| Error::<T>::GovFrameworkSizeExceeded)?,
-            }) {
+                name,
+                gov_framework,
+            };
+
+            if let Some(existing) = info.replace(new_info) {
                 if existing.convener != convener {
                     Err(Error::<T>::NotTheConvener)?
                 }
@@ -56,7 +66,7 @@ impl<T: Config> Pallet<T> {
         let mut validation = StorageAccesses::default();
         schemas
             .validate_and_record_diff(actor, registry_id, &registry_info, &mut validation)
-            .map_err(|error| StepError::Validation(error, validation.clone()))
+            .map_err(|error| StepError::Validation(error.into(), validation.clone()))
             .map(|validated_update| StepStorageAccesses {
                 validation,
                 execution: validated_update.execute(registry_id),
@@ -82,8 +92,38 @@ impl<T: Config> Pallet<T> {
 
         TrustRegistryIssuerConfigurations::<T>::try_mutate(registry_id, issuer, |config| {
             delegated.ensure_valid(&issuer, &config.delegated)?;
-            delegated.apply_update(&mut config.delegated);
 
+            let issuer_schema_ids = TrustRegistryIssuerSchemas::<T>::get(registry_id, issuer);
+            let issuers_diff = delegated.keys_diff(&config.delegated);
+
+            for (issuer, update) in issuers_diff.iter() {
+                let schema_ids_update: MultiTargetUpdate<_, IncOrDec> = issuer_schema_ids
+                    .iter()
+                    .copied()
+                    .zip(repeat(update.translate_update().unwrap()))
+                    .collect();
+                let schema_ids = TrustRegistryDelegatedIssuerSchemas::<T>::get(registry_id, issuer);
+
+                schema_ids_update.ensure_valid(issuer, &schema_ids)?;
+            }
+
+            for (issuer, update) in issuers_diff {
+                let schema_ids_update: MultiTargetUpdate<_, IncOrDec> = issuer_schema_ids
+                    .iter()
+                    .copied()
+                    .zip(repeat(update.translate_update().unwrap()))
+                    .collect();
+
+                TrustRegistryDelegatedIssuerSchemas::<T>::mutate(
+                    registry_id,
+                    issuer,
+                    |schema_ids| {
+                        schema_ids_update.apply_update(schema_ids);
+                    },
+                );
+            }
+
+            delegated.apply_update(&mut config.delegated);
             Self::deposit_event(Event::DelegatedIssuersUpdated(registry_id, issuer));
 
             Ok(())
@@ -172,13 +212,32 @@ impl<T: Config> Pallet<T> {
         reg_id: TrustRegistryId,
         issuer_or_verifier: IssuerOrVerifier,
     ) -> BTreeSet<TrustRegistrySchemaId> {
-        let issuer_schemas = Self::registry_issuer_schemas(reg_id, Issuer(*issuer_or_verifier));
+        let issuer_schemas =
+            Self::registry_issuer_or_delegated_issuer_schemas(reg_id, Issuer(*issuer_or_verifier));
         let verifier_schemas =
             Self::registry_verifier_schemas(reg_id, Verifier(*issuer_or_verifier));
 
         issuer_schemas.union(&verifier_schemas).copied().collect()
     }
 
+    pub fn registry_issuer_or_delegated_issuer_schemas(
+        reg_id: TrustRegistryId,
+        issuer_or_delegated_issuer: Issuer,
+    ) -> BTreeSet<TrustRegistrySchemaId> {
+        let IssuerSchemas(issuer_schemas) =
+            Self::registry_issuer_schemas(reg_id, issuer_or_delegated_issuer);
+        let DelegatedIssuerSchemas(delegated_issuer_schemas) =
+            Self::registry_delegated_issuer_schemas(reg_id, issuer_or_delegated_issuer);
+
+        delegated_issuer_schemas
+            .into_iter()
+            .map(|(key, _)| key)
+            .into_iter()
+            .merge(issuer_schemas)
+            .dedup()
+            .collect()
+    }
+
     pub fn aggregate_schema_metadata(
         (reg_id, schema_id): (TrustRegistryId, TrustRegistrySchemaId),
     ) -> Option<AggregatedTrustRegistrySchemaMetadata<T>> {